# =========================history=============================
<source>
  @type tail
  tag history
  path /root/.bash_history
  pos_file /opt/aops/fluentd/history.pos
  <parse>
    @type multiline
    format_firstline /\S\d+\n/
    format1 /\S(?<rawtime>\d+)(?<message>.*)/
    types rawtime:integer
  </parse>
</source>


<filter history>
  @type record_transformer
    remove_keys rawtime
  <record>
    data_item history
  </record>
</filter>


<match history>
  @type elasticsearch
  host  {{ elasticsearch_host }}
  port {{ elasticsearch_port }}
  index_name {{ ansible_host }}
  include_timestamp true
  time_key rawtime
  flush_interval 5s
  suppress_type_name true
</match>


# ==========================dmesg==============================
<source>
 @type syslog
 port {{ fluentd_demsg_port }}
 bind 0.0.0.0
 tag dmesg
</source>

<filter dmesg.*.*>
  @type record_transformer
  <record>
    data_item dmesg
  </record>
</filter>

<match dmesg.*.*>
  @type elasticsearch
  host {{ elasticsearch_host }}
  port {{ elasticsearch_port }}
  time_key time
  index_name {{ ansible_host }}
  include_timestamp true
  flush_interval 5s
  suppress_type_name true
</match>